SSL Certificate authentication in ASP.NET Core
Have you ever wondered, even though you added a certificate to HttpClient while accessing data from the Api service, why you are getting unAuthorized access or your Api is not working as expected? Answer to the above question is that the certificate exchange is done at the start of the HTTPS conversation, it's done by the server before the first request is received on that connection. So the right place to add a certificate to HttpClient is the Program.cs or StartUp.cs file. Microsoft.AspNetCore.Authentication.Certificate contains an implementation similar to Certificate Authentication for ASP.NET Core. Certificate authentication happens at the TLS level, long before it ever gets to ASP.NET Core. More accurately, this is an authentication handler that validates the certificate and then gives you an event where you can resolve that certificate to a ClaimsPrincipal. Implement an HttpClient using a certificate and IHttpClientFactory In the following example, a client certificate is